SB2026061761 - Origin validation error in undici
Published: June 17, 2026
Description
This security bulletin contains information about 1 vulnerability.
1) Origin validation error (CVE-ID: CVE-2026-6734)
CWE-ID: CWE-346 - Origin Validation Error
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote user to disclose sensitive information, modify request routing, and cause requests to be sent to the wrong origin.
The vulnerability exists due to an origin validation error in Socks5ProxyAgent connection pool reuse when requests to multiple origins are handled through a shared proxy agent. A remote user can trigger requests to a different origin through the reused pool to disclose sensitive information, modify request routing, and cause requests to be sent to the wrong origin.
Responses from the wrong origin may be trusted, and HTTPS requests may be silently downgraded to HTTP.
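The failure class described above, as an added toy model; it is not undici's code and not part of the bulletin. It contrasts an agent that reuses one pool for every origin with one that keys pools by scheme, host and port and fails closed on a mismatch. All names (originKey, openPool, SharedPoolAgent, OriginKeyedAgent) and the sample URLs are hypothetical and constructed for illustration.

```javascript
// Added illustration: a toy model of the failure class, not undici's code.
// All names and sample URLs below are hypothetical.

// Canonical origin: scheme + host + port. Including the scheme is what keeps
// an https:// request from landing on a pool that was opened for http://.
function originKey(url) {
  const u = new URL(url);
  if (u.protocol !== 'http:' && u.protocol !== 'https:') {
    throw new TypeError('unsupported scheme: ' + u.protocol);
  }
  return u.origin; // lower-cases the host and drops default ports
}

// A pool is bound to the origin it was opened for; send() reports where the
// request would actually be delivered.
function openPool(origin) {
  return { origin, send: (path) => origin + path };
}

// Weak: one pool per agent, created on first use and reused for every origin.
class SharedPoolAgent {
  constructor() { this.pool = null; }
  request(url) {
    const u = new URL(url);
    if (!this.pool) this.pool = openPool(originKey(url));
    return this.pool.send(u.pathname);
  }
}

// Corrected: one pool per origin, plus a fail-closed check before sending.
class OriginKeyedAgent {
  constructor() { this.pools = new Map(); }
  request(url) {
    const u = new URL(url);
    const key = originKey(url);
    if (!this.pools.has(key)) this.pools.set(key, openPool(key));
    const pool = this.pools.get(key);
    if (pool.origin !== key) throw new Error('pool/origin mismatch');
    return pool.send(u.pathname);
  }
}

// Constructed sample input: two origins that differ in host and scheme.
const SAMPLE = ['http://internal.example/status', 'https://api.example/v1/token'];
function destinations(agent) { return SAMPLE.map((u) => agent.request(u)); }
```

In the weak model the second request is delivered to the first origin over plain HTTP, which matches the wrong-origin and silent-downgrade outcomes the bulletin lists.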
Remediation
Install the update from the vendor's website.